Filter
Top Products
296 CHAPTER 32: SSH CONFIGURATION GUIDE
# Create a VLAN interface on the switch and assign an IP address for it. The SSH
client will use this address as the destination for SSH connection.
<3Com> system-view
[3Com] interface vlan-interface 1
[3Com-Vlan-interface1] ip address 10.165.87.136 255.255.255.0
[3Com-Vlan-interface1] quit
# Generate an RSA key pair.
[3Com] rsa local-key-pair create
# Set the authentication mode for the user interfaces to AAA.
[3Com] user-interface vty 0 4
[3Com-ui-vty0-4] authentication-mode scheme
# Enable the user interfaces to support SSH.
[3Com-ui-vty0-4] protocol inbound ssh
# Set the client’s command privilege level to 3.
[3Com-ui-vty0-4] user privilege level 3
[3Com-ui-vty0-4] quit
# Configure the authentication method of the SSH client named client001 as
RSA.
[3Com] ssh user client001 authentication-type rsa
n
After generating an RSA key pair on the SSH client, manually configure the RSA
public key on the SSH server. For details, refer to “Configure Switch A” on page
297.
# Configure the client public key Switch001.
[3Com] rsa peer-public-key Switch001
RSA public key view: return to System View with "peer-public-key end".
[3Com-rsa-public-key] public-key-code begin
RSA key code view: return to last view with "public-key-code end".
[3Com-rsa-key-code] 3047
[3Com-rsa-key-code] 0240
[3Com-rsa-key-code] C8969B5A 132440F4 0BDB4E5E 40308747 804F608B
[3Com-rsa-key-code] 349EBD6A B0C75CDF 8B84DBE7 D5E2C4F8 AED72834
[3Com-rsa-key-code] 74D3404A 0B14363D D709CC63 68C8CE00 57C0EE6B
[3Com-rsa-key-code] 074C0CA9
[3Com-rsa-key-code] 0203
[3Com-rsa-key-code] 010001
[3Com-rsa-key-code] public-key-code end
[3Com-rsa-public-key] peer-public-key end
[3Com]
# Assign the public key Switch001 to client client001.
[3Com] ssh user client001 assign rsa-key Switch001
n
When the switch acting as the SSH client does not support first-time
authentication, you need to manually configure the server host public key on it.